Ionut Arghire reports that Chinese hackers exploited a Fortinet FortiOS SSL-VPN vulnerability while it was still a zero-day. Mandiant tracks the bug as CVE-2022-42475 (CVSS score of 9.8) and describes it as “a buffer overflow issue that could be exploited by remote, unauthenticated attackers to execute code or commands via crafted requests.” Read more at Security Week.
Meanwhile, Ilija Miljkovac reports that North Korean hackers targeted South Korean users with malware by abusing a previously unknown Internet Explorer zero-day vulnerability, according to Google’s Threat Analysis Group (TAG). TAG became aware of the flaw after a document titled “221031 Seoul Yongsan Itaewon accident response situation (06:00).docx” was uploaded to their VirusTotal tool. Read more at Business2Community.